---
# Configuration for the anitya webapp

- name: clean yum metadata
  command: yum clean all
  tags:
  - packages
  - anitya_frontend

- name: install needed packages
  yum: pkg={{ item }} state=present
  with_items:
  - anitya
  - python-psycopg2
  - python-memcached
  - libsemanage-python
  - httpd
  - mod_ssl
  tags:
  - packages
  - anitya_frontend

- name: Install all the configuration file of anitya
  template: src={{ item.file }}
            dest={{ item.location }}/{{ item.file }}
            owner=apache group=apache mode=0600
  with_items:
  - { file: anitya.cfg, location: /etc/anitya }
  - { file: anitya.conf, location: /etc/httpd/conf.d }
  - { file: anitya.wsgi, location: /var/www/, dest: anitya.wsgi }
  tags:
  - config
  - anitya_frontend
  notify:
  - restart apache

- name: create the folder where we store the ssl cert if not already there
  action: file state=directory
               path=/etc/pki/tls/certs/
               owner=root group=root mode=0755

- name: Install the SSL cert so that we can use https
  copy: >
      src={{ private}}/files/httpd/{{ item }} dest=/etc/pki/tls/certs/{{ item }}
      owner=root group=root mode=0600
  with_items:
  - release-monitoring.org.cert
  - release-monitoring.org.key
  - release-monitoring.org.intermediate.cert
  tags:
  - config
  - anitya_frontend

- name: Install the configuration file to activate https
  copy: >
    src={{ item }} dest=/etc/httpd/conf.d/{{ item }}
    owner=root group=root mode=0644
  with_items:
  - 0_releasemonitoring.conf
  tags:
  - files
  - config
  - anitya_frontend
  notify:
  - restart apache

- name: set sebooleans so anitya can talk to the db
  action: seboolean name={{ item }}
                    state=true
                    persistent=true
  with_items:
  - httpd_can_network_connect_db
  - httpd_can_network_connect
  tags:
  - anitya_frontend

